Re: FreeBSD Security Advisory FreeBSD-SA-14:06.openssl

看板FB_security作者時間11年前 (2014/04/10 19:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串13/14 (看更多)
>> >> SSH is not affected. >> > > SSH is indeed not affected, but I guess you should still consider the secret sshd key on your otherwise affected server as burnt, as it might have been in the memory too while an attacker was inspecting it via heartbleed. Better recreate the secret ssh key and all other secret keys on your server as well. But, again, the OpenSSH protocol/software per se are not affected. This is incorrect. The heartbleed exploit would have only returned portions of memory that were under the control of OpenSSL, not general memory used by other processes on the system. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 clopez. 的文章
文章代碼(AID): #1JHddlVn (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 13 之 14 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共14篇)
更多 clopez. 的文章
文章代碼(AID): #1JHddlVn (FB_security)